zi.wang@ziwangdeMacBook-Pro aws % aws events list-targets-by-rule --rule mycat-coupon-rule-offlineDistributionChannelTrigger-prod --region cn-north-1
{
"Targets": [
{
"Id": "Id123456789",
"Arn": "arn:aws-cn:sqs:cn-north-1:*****:demo-test-sqs-trigger-prod",
"Input": "{ \"Message\": { \"type\": \"trigger\" } }"
}
]
}
terraform import -var-file prod.aws.key aws_cloudwatch_event_target.trigger demo-test-sqs-trigger-prod/Id123456789
--var-file:中的key文件是通过请求获取临时token得到。
cat aws_prod.sh
#!/bin/bash
export AWS_ACCESS_KEY_ID="awsid" && export AWS_SECRET_ACCESS_KEY="awsSECRETkey" && \
aws sts assume-role --duration-seconds 21600 --role-arn arn:aws-cn:iam::123456:role/test-prod-developer \
--role-session-name test --serial-number arn:aws-cn:iam::123456:mfa/test \
--region cn-north-1 --token-code $1
bash aws_prod.sh mfanumber
获取AccessKeyId,SecretAccessKey,SessionToken
cat > prod.aws.key <<EOF
aws_access_key = "xxx"
aws_secret_key = "xxx"
aws_session_token = "xxx"
EOF